package com.ruyuan.controller;

import org.apache.shiro.SecurityUtils;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;

/**
 * @author xx
 */
@Controller
@RequestMapping("/salary")
public class SalaryController {

    @RequestMapping("/add/{id}")
//    @RequiresRoles("admin")
    public String add(@PathVariable("id") int id) {
        String str = "+salary+1+" + id;
        if (!SecurityUtils.getSubject().isPermitted(str)) {
            return "unauthorized";
        }
        return "add";
    }

    @RequestMapping("/del/{id}")
//    @RequiresPermissions("user:del")
    public String del(@PathVariable("id") int id) {
        String str = "+salary+4+" + id;
        if (!SecurityUtils.getSubject().isPermitted(str)) {
            return "unauthorized";
        }
        return "del2";
    }

}
